当前位置: 首页>>代码示例>>Python>>正文


Python ssdeep.hash函数代码示例

本文整理汇总了Python中ssdeep.hash函数的典型用法代码示例。如果您正苦于以下问题:Python hash函数的具体用法?Python hash怎么用?Python hash使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了hash函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _calc_score

 def _calc_score(self, lt_new):
     try:
         import ssdeep
     except ImportError:
         raise ImportError(
                 "ltgroup algorithm <ssdeep> needs python package ssdeep")
     ret = []
     h1 = ssdeep.hash(str(lt_new))
     if self._mem_hash:
         if len(self._d_hash) == 0:
             # initialize d_hash
             for lt in self._lttable:
                 h = ssdeep.hash(str(lt))
                 self._d_hash[lt.ltid] = h
         for ltid, lt_temp in enumerate(self._lttable):
             h2 = self._d_hash[lt_temp.ltid]
             score = ssdeep.compare(h1, h2)
             ret.append((ltid, score))
         self._d_hash[lt_new.ltid] = h1
     else:
         for lt_temp in self._lttable:
             ltid = lt_temp.ltid
             score = hash_score(str(lt_new), str(lt_temp))
             ret.append((ltid, score))
     return ret
开发者ID:cpflat,项目名称:LogCausalAnalysis,代码行数:25,代码来源:lt_misc.py

示例2: testComputeHash

    def testComputeHash(self):
        self.assertEqual(
            ssdeep.hash("Also called fuzzy hashes, Ctph can match inputs that have homologies."),
            "3:AXGBicFlgVNhBGcL6wCrFQEv:AXGHsNhxLsr2C"
        )

        self.assertEqual(
            ssdeep.hash("Also called fuzzy hashes, CTPH can match inputs that have homologies."),
            "3:AXGBicFlIHBGcL6wCrFQEv:AXGH6xLsr2C"
        )
开发者ID:mklauber,项目名称:python-ssdeep,代码行数:10,代码来源:test.py

示例3: getFileProperties

    def getFileProperties(self, filename,fc):
        self.logger.info("Getting file ID")
        fp={'filename':filename}
        try:
            #File size
            fp['size']=len(fc)
            #MD5
            m=hashlib.md5()
            m.update(fc)
            fp['md5']=m.hexdigest()
            #SHA1
            m=hashlib.sha1()
            m.update(fc)
            fp['sha1']=m.hexdigest()
            #SHA256
            m=hashlib.sha256()
            m.update(fc)
            fp['sha256']=m.hexdigest()
            #SSDEEP
            fp['ssdeep']=ssdeep.hash(fc)
            #Magic
            fp['magic']=magic.from_buffer(fc)
            #Exiftool
            #NOTE: exiftool shits itself on certian formats, wipe it's ass someday
            fp['filetype']=self.et.get_tag('FileType',self.incoming+filename)
            #Tag
            if fp['magic'] is not '':
                fp['tags']=[fp['magic'].split()[0].lower()]
            else:
                fp['tags']=[]

        except IOError as e:
            self.logger.error("IO Error", exc_info=True)

        return {'_id':fp['sha1'],'id':fp}
开发者ID:alrawi,项目名称:orchestrator,代码行数:35,代码来源:feeder.py

示例4: getPerFunctionHash

def getPerFunctionHash():
	"""
		Iterates on program function and, for each, computes
	 	- MD5 sum
	 	- SSDEEP
	"""
	functions = Functions()
	hashes = {}
	for function in functions:
		funcCode = getFunctionCode(function)
		funcCode = cleanUpCode(function, funcCode)
		ssdeepstr = ssdeep.hash(funcCode)
		md5str = md5.new(funcCode).hexdigest()
		#lsh = LSHash(512, len(funcCode))
		#lsh.index(funcCode)
		# TODO ADD OTHER TYPE OF HASHES
		hashes[function] = {
			"md5" : md5str,
			"ssdeep" : ssdeepstr,
		}
		if debug:
			print "sub_%08x %s %s" % (function, md5str, ssdeepstr) # DEBUG

	if dump: # save hash table in dump mode
		fd = open("./%s/%s.pickle" % (dumpdir, "hashes"), "w")
		pickle.dump(hashes, fd)
		fd.close()
	return hashes
开发者ID:ddurvaux,项目名称:PyUnpacker,代码行数:28,代码来源:ida.py

示例5: build_sample

    def build_sample(self, data, url=None):
        if not data:
            return None

        p = dict()
        p["type"] = self.get_sample_type(data)
        if p["type"] is None:
            return None

        p["md5"] = hashlib.md5(data).hexdigest()
        p["sha1"] = hashlib.sha1(data).hexdigest()

        if SSDEEP:
            p["ssdeep"] = ssdeep.hash(data)

        if p["type"] in ("PE",):
            imphash = self.get_imphash(data)
            if imphash:
                p["imphash"] = imphash

        if url:
            p["url"] = url

        p["data"] = base64.b64encode(data)

        return p
开发者ID:execgit,项目名称:thugdom,代码行数:26,代码来源:SampleLogging.py

示例6: build_sample

    def build_sample(self, data, url = None, sampletype = None):
        if not data:
            return None

        p = dict()

        if sampletype:
            p['type'] = sampletype
        else:
            p['type'] = self.get_sample_type(data)

        if p['type'] is None:
            return None

        p['md5']    = hashlib.md5(data).hexdigest()
        p['sha1']   = hashlib.sha1(data).hexdigest()
        p['sha256'] = hashlib.sha256(data).hexdigest()

        if SSDEEP:
            p['ssdeep'] = ssdeep.hash(data)

        if p['type'] in ('PE', ):
            imphash = self.get_imphash(data)
            if imphash:
                p['imphash'] = imphash

        if url:
            p['url'] = url

        p['data'] = base64.b64encode(data)

        return p
开发者ID:buffer,项目名称:thug,代码行数:32,代码来源:SampleLogging.py

示例7: compute_ssdeep

def compute_ssdeep(fp):
    try:
        buff = fp.read()
    except AttributeError:
        pass
    else:
        return ssdeep.hash(buff)
开发者ID:hypawn,项目名称:mazu,代码行数:7,代码来源:utils.py

示例8: getfuzzyhash

def getfuzzyhash():
    """Returns fuzzy hash of spam.
    This function returns hash generated using the ssdeep library.
    Hash is generated using the combination of mail's body + subject.
    Msg length is being checked because SSDEEP has some issues with comparing hashes
    of small spams. If spam's body is very less or non existent, we add our randomText to body.
    There would be certain cases when there wouldn't be any html or text portion i.e. email body would be empty. Hence forth len = html/text + subject
    In shivamaindb.py if len < 10 then keeping comparision ratio higher
    """
    if mailFields['html']:
        if len(mailFields['html']) < 150:
            data = mailFields['html'] + " " + mailFields['subject'] + randomText
        else:
            data = mailFields['html'] + " " + mailFields['subject']
        mailFields['len'] = len(mailFields['html']) + len(mailFields['subject'])
    
    elif mailFields['text']:
        if len(mailFields['text']) < 150:
            data = mailFields['text'] + " " + mailFields['subject'] + randomText
        else:
            data = mailFields['text'] + " " + mailFields['subject']
        mailFields['len'] = len(mailFields['text']) + len(mailFields['subject'])
    else:
        # Test mails without body and limited chars in subject
        data = mailFields['subject'] + mailFields['from'] + randomText
        mailFields['len'] = len(mailFields['subject'])
    
    return ssdeep.hash(data)
开发者ID:gregtampa,项目名称:shiva,代码行数:28,代码来源:shivamailparser.py

示例9: compute_hashes

    def compute_hashes(self):
        """ Compute the file hashes """
        filename = self.get_file_path(self.sha256)

        # Make sure the file exists and is readable
        if not os.access(filename, os.R_OK):
            flash('There was an error while trying to analyse the file.', 'danger')
            return False

        with open(filename, 'rb') as f:
            buf = f.read()

        if self.sha256 is None:
            self.sha256 = hashlib.sha256(buf).hexdigest()
        if self.sha1 is None:
            self.sha1 = hashlib.sha1(buf).hexdigest()
        if self.md5 is None:
            self.md5 = hashlib.md5(buf).hexdigest()
        if self.ssdeep is None:
            self.ssdeep = ssdeep.hash(buf)
        if self.mime is None:
            try:
                self.mime = magic.from_buffer(buf, mime=True).decode('utf-8')
            except:
                self.mime = None
        if self.entropy is None:
            self.entropy = self.compute_entropy(buf)
开发者ID:nbs-system,项目名称:mowr,代码行数:27,代码来源:sample.py

示例10: hash_data

def hash_data(file):
    md5 = hashlib.md5(file.content).hexdigest()
    sha128 = hashlib.sha1(file.content).hexdigest()
    sha256 = hashlib.sha256(file.content).hexdigest()
    sha512 = hashlib.sha512(file.content).hexdigest()
    ssdeep_hash = ssdeep.hash(file.content)
    hash = {'evil_finder_md5':md5, 'evil_finder_sha128':sha128, 'evil_finder_sha256':sha256, 'evil_finder_sha512':sha512, 'evil_finder_ssdeep':ssdeep_hash}
    return hash
开发者ID:Dhatheway,项目名称:evil_finder,代码行数:8,代码来源:evil_finder.py

示例11: execute

 def execute(self, input_data):
     raw_bytes = input_data['sample']['raw_bytes']
     self.meta['sha1'] = hashlib.sha1(raw_bytes).hexdigest()
     self.meta['sha256'] = hashlib.sha256(raw_bytes).hexdigest()
     self.meta['ssdeep'] = ssd.hash(raw_bytes)
     self.meta['entropy'] = self._entropy(raw_bytes)
     self.meta.update(input_data['meta'])
     return self.meta
开发者ID:anthonykasza,项目名称:workbench,代码行数:8,代码来源:meta_deep.py

示例12: main

def main():
    """Entry function."""
    parser = argparse.ArgumentParser(
        description='Process Fuzzy hashing comparison between project url and \
        return project urls')

    parser.add_argument("input_csv_file", help="Specify the csv file to read")
    parser.add_argument(
        "number_urls", help="Number of found urls to process fuzzy hashing \
        (max = 10)")

    args = parser.parse_args()

    input_csv_file = args.input_csv_file
    number_urls = int(args.number_urls)

    header_names = ['acronym', 'title', 'projectUrl', 'foundProjectUrl1',
                    'foundProjectUrl2', 'foundProjectUrl3',
                    'foundProjectUrl4', 'foundProjectUrl5',
                    'foundProjectUrl6', 'foundProjectUrl7',
                    'foundProjectUrl8', 'foundProjectUrl9',
                    'foundProjectUrl10']
    df = pd.read_csv(input_csv_file, sep=',', quotechar='"',
                     names=header_names, index_col=False)

    df['projectUrlHash'] = np.nan
    df['foundProjectUrl1Hash'] = np.nan
    df['foundProjectUrl2Hash'] = np.nan
    df['foundProjectUrl3Hash'] = np.nan
    df['foundProjectUrl4Hash'] = np.nan
    df['foundProjectUrl5Hash'] = np.nan
    df['foundProjectUrl6Hash'] = np.nan
    df['foundProjectUrl7Hash'] = np.nan
    df['foundProjectUrl8Hash'] = np.nan
    df['foundProjectUrl9Hash'] = np.nan
    df['foundProjectUrl10Hash'] = np.nan
    df['MatchScore1'] = np.nan
    df['MatchScore2'] = np.nan
    df['MatchScore3'] = np.nan
    df['MatchScore4'] = np.nan
    df['MatchScore5'] = np.nan
    df['MatchScore6'] = np.nan
    df['MatchScore7'] = np.nan
    df['MatchScore8'] = np.nan
    df['MatchScore9'] = np.nan
    df['MatchScore10'] = np.nan

    for index, row in df.iterrows():
        print "computing fuzzy hash for project %s" % row['acronym']
        try:
            df.ix[index, 'projectUrlHash'] = ssdeep.hash(
                urllib2.urlopen(row['projectUrl'], timeout=10).read())
        except urllib2.HTTPError, e:
            print e.code
        except urllib2.URLError, e:
            print e.reason
开发者ID:arquivo,项目名称:Research-Websites-Preservation,代码行数:56,代码来源:process_fuzzy_hashs.py

示例13: _run

    def _run(self, scanObject, result, depth, args):
        '''
        Assumes:
            there is a string like object in scanObject.buffer
        Ensures:
            hash values added using scanObject.addMetadata

        Laika Config File Options:
            hashmd5:    "1" = md5.hexdigest,    "0" = omit
            hashSHA1:   "1" = sha1.hexdigest,   "0" = omit
            hashSHA256: "1" = sha256.hexdigest, "0" = omit
            hashSHA512: "1" = sha256.hexdigest, "0" = omit
            hashSHA1:   "1" = sha1.hexdigest,   "0" = omit
            ssdeep:     "1" = ssdeep.hash,      "0" = omit

        Function Arguments:
        :param scanObject:<laikaboss.objectmodel.ScanObject>
        :param result:<laikaboss.objectmodel.ScanResult>
        :param depth:<int>
        :param args:<dict> --execution flow controls--
                    Valid args names <str> (value must be 1, 0, "1", or "0")
                        1/"1": Generate the hash of named type
                        0/"0": Omit the hash of named type
                        default args:
                        {"md5":1,
                         "SHA1":0,
                         "SHA256":1,
                         "SHA512":1,
                         "ssdeep":0}

        :return: Always returns a empty list (no child objects)
        '''
        moduleResult = []
        metaDict = {}
        if int(get_option(args, 'md5', 'hashmd5', "md5" in self.module_defaults)):
            metaDict['md5'] = hashlib.md5(scanObject.buffer).hexdigest()
        if int(get_option(args, 'SHA1', 'hashSHA1', "SHA1" in self.module_defaults)):
            metaDict['SHA1'] = hashlib.sha1(scanObject.buffer).hexdigest()
        if int(get_option(args, 'SHA256', 'hashSHA256', "SHA256" in self.module_defaults)):
            metaDict['SHA256'] = hashlib.sha256(scanObject.buffer).hexdigest()
        if int(get_option(args, 'SHA512', 'hashSHA512', "SHA512" in self.module_defaults)):
            metaDict['SHA512'] = hashlib.sha512(scanObject.buffer).hexdigest()
        if int(get_option(args, 'ssdeep', 'hashssdeep', "ssdeep" in self.module_defaults)):
            #only import ssdeep if dispatched.
            #Prevents import error if you don't have/want the package
            #python should keep handing you the original, minimal/no overhead
            try:
                import ssdeep
                metaDict['ssdeep'] = ssdeep.hash(scanObject.buffer)
            except ImportError:
                metaDict['ssdeep'] = "" #indicate ssdeep was configured but failed


        scanObject.addMetadata(self.module_name, "HASHES", metaDict)
        
        return moduleResult
开发者ID:bauman,项目名称:laikaboss,代码行数:56,代码来源:meta_hash.py

示例14: META_BASIC_INFO

def META_BASIC_INFO(s, buff):

   BASIC_INFO = OrderedDict([('MD5', hashlib.md5(buff).hexdigest()),
                           ('SHA1', hashlib.sha1(buff).hexdigest()),
                           ('SHA256', hashlib.sha256(buff).hexdigest()),
                           ('SHA512', hashlib.sha512(buff).hexdigest()),
                           ('ssdeep' , ssdeep.hash(buff)),
                           ('Size', '%s bytes' % len(buff))])

   return BASIC_INFO
开发者ID:EmersonElectricCo,项目名称:fsf,代码行数:10,代码来源:META_BASIC_INFO.py

示例15: processMeta

def processMeta(pe,fc, profile):
    profile[PROFILE.STATIC][META.fileSize]=len(fc)
    profile[PROFILE.STATIC][META.timeStamp]=pe.FILE_HEADER.TimeDateStamp
    profile[PROFILE.STATIC][META.dll]=pe.FILE_HEADER.IMAGE_FILE_DLL
    profile[PROFILE.STATIC][META.numberSec]=pe.FILE_HEADER.NumberOfSections
    profile[PROFILE.STATIC][META.importHash]=pe.get_imphash()
    profile[PROFILE.STATIC][META.md5]=hashlib.md5(fc).hexdigest()
    profile[PROFILE.STATIC][META.sha1]=hashlib.sha1(fc).hexdigest()
    profile[PROFILE.STATIC][META.ssdeep]=ssdeep.hash(fc)
    return profile
开发者ID:alrawi,项目名称:pype,代码行数:10,代码来源:pep.py


注:本文中的ssdeep.hash函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。